Options for creating custom user interface for content editors

rahulpandey8920 · September 1, 2022, 3:17pm

I am looking at options for creating a custom user interface for content editors and I have read the documentation related to preview content here: https://docs.squidex.io/02-documentation/developer-guides/preview

One of the options in my mind is to create a frontend app in ReactJS which interacts with a backend api which abstracts the squidex api from the frontend and provided a custom user experience while still using the features of squidex like content versioning, workflow etc. Its just that the operations would be triggered by custom frontend app instead of Squidex management UI

Frontend -> Backend -> Squidex

Would it be possible to pass the logged in user’s context to the API calls made to squidex ? So that users, roles, workflows and rules can still be defined within squidex.

Thanks!

Sebastian · September 1, 2022, 4:46pm

Hi you have a custom OIDC server you can configure Squidex to use this server. Then you can control the permissions from your auth server.

But I am not entirely sure if this answers your question. Do you have a custom user management?

rahulpandey8920 · September 1, 2022, 4:55pm

Hi,
Yes, I can have a custom Identity Provider to authenticate the user. Is it possible to have the same user setup in squidex as well with roles like editor, reviewer, publisher etc and the backend on top of squidex could make requests for operations like create content, publish content in the context of the user in squidex.

The other option I can think of is creating a service account client in squidex for the backend and apply the authorisation within the backend but then it might be more complex. I am not sure.

Sebastian · September 1, 2022, 4:58pm

If you get a user token from your identity provider with a sub field and so on, it should be identified as a squidex user with the normal permissions.

Technically Squidex already works like this. There is the identity provider component inside Squidex and the UI gets the access token from there, then the API validates the token with the local identity provider component, but it could also be a remote identity server. It should work, yes!

rahulpandey8920 · September 1, 2022, 5:00pm

Great!

I wanted to get some sense check before spending much time on it so thanks for that!